Transcription

1 The National Cybersecurity Workforce Framework 2015 Delaware Cyber Security Workshop September 29, 2015 Bill Newhouse NICE Program Office at the National Institute of Standards and Technology

2 NICE is a national initiative to address cybersecurity education, training, and workforce development NICE is a public private partnership between government, academia, and the private sector NICE will build upon existing successful programs NICE will facilitate change and innovation NICE will bring leadership and vision NICE values communication, collaboration, inclusion, evidence, action and results 2

3 NICE Strategic Goals Accelerate Learning and Skills Development Nurture a Diverse Learning Community Guide Career Development and Workforce Planning 3

4 Accelerate Learning and Skills Development Invoke a sense of urgency in both the public and private sectors to address the shortage of a skilled workforce Stimulate approaches and techniques that can more rapidly increase the supply of qualified cybersecurity workers Reduce the time and cost for obtaining for in demand work roles Pursue displaced workers or underemployed individuals who are available and motivated Identify and fill gaps in cybersecurity skills training to support identified workforce needs 4

5 Nurture a Diverse Learning Community Encourage creative and effective efforts to increase the number of underrepresented populations Inspire cybersecurity, exploration, and preparedness with students in elementary and secondary schools Strengthen formal education programs, co curricular experiences, training and certifications, and employer based training Build on institutional initiatives to improve student success by establishing academic pathways for cybersecurity careers Explore international approaches that could inform practice in the United States or that NICE could influence 5

8 NICE FRAMEWORK The NICE Cybersecurity Workforce Framework outlines 31 functional work specialties within seven categories Developed in collaboration with subject matter experts from government, non-profits, academia, and the private sector. Foundation for increasing the size and capability of the US cybersecurity workforce. National resource for employers, educators, trainers, and policy makers, providing a common cybersecurity lexicon. 8

9 Securely Provision Operate and Maintain Protect and Defend Investigate Operate and Collect Analyze Oversight and Development concerned with conceptualizing, designing, and building secure IT systems, with responsibility for some aspect of the systems' development responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security responsible for the identification, analysis, and mitigation of threats to internal IT systems or networks responsible for the investigation of cyber events and/or crimes of IT systems, networks, and digital evidence responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence responsible for highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence providing leadership, management, direction, and/or development and advocacy so that all individuals and the organization may effectively conduct cybersecurity work

11 National Cybersecurity Workforce Framework Provides a foundation that organizations can use to develop position descriptions, competency models, and training. Competencies are areas of expertise required for successful performance of a role or job function. Competency list displays the types of workforce characteristics an individual must exhibit to successful perform his/her specific role. The Framework defines competencies through the association of KSAs. 11

12 National Cybersecurity Workforce Framework When degrees, jobs, training and certifications are aligned to the Workforce Framework: 12

THE NATIONAL CYBERSECURITY WORKFORCE FRAMEWORK USER GUIDE Employers Workforce Framework User Guide Welcome to the User Guide! The Workforce Framework helps Employers to recruit from a larger pool of more

National Initiative for Cybersecurity Careers and Studies (NICCS) Cybersecurity Training and Education Catalog Training Provider Instruction Guide Overview During this presentation, you will: Learn about

How to use the National Cybersecurity Workforce Framework Your Implementation Guide A NATIONAL PROBLEM The Nation needs greater cybersecurity awareness. The US workforce lacks cybersecurity experts. Many

THE NICE VISION National Initiative for Cybersecurity Education a national campaign to promote cybersecurity awareness and digital literacy from our boardrooms to our classrooms, and to build a digital

National Initiative for Cybersecurity Careers and Studies (NICCS) Webinar April 25, 2013 Welcome to the NICCS Webinar! Thank you for joining us today. During this presentation, you will: Learn about the

Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE) February 2011 THEPRESENT Comprehensive National Cybersecurity Initiative Training the existing

Statement of Gil Vega Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer U.S. Department of Energy Before the Subcommittee on Oversight and Investigations Committee

UNM Information Assurance Scholarship for Service (SFS) Program What is Information Assurance? Committee on National Security Systems (CNSS) defines information assurance (IA): Measures that protect and

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) Overview The Secure and Trustworthy Cyberspace (SaTC) investment is aimed at building a cybersecure society and providing a strong competitive edge in the Nation

Strategic Plan September 2012 NIST NICE Component Leads Overall Lead Ernest L. McDuffie, Ph.D. Lead for the National Initiative for Cybersecurity Education (NICE) United States Department of Commerce (DoC)

Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry

ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 March 17, 2010 BACKGROUND & WHY THIS LEGISLATION IS IMPORTANT: Our nation is at risk. The networks that American families and businesses

An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans NICE Annual Conference November 2015 Panelists David Brown, Director of CyberTalent at the SANS Institute, a new business unit

DHS CMSI Webinar Series Renee Forney Executive Director As the Executive Director for the Cyberskills Management Support Initiative (CMSI), Ms. Forney supports the Undersecretary for Management (USM) for

Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

The Comprehensive National Cybersecurity Initiative President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we

SECTION-BY-SECTION Section 1. Short Title. The short title of the bill is the Cybersecurity Act of 2012. Section 2. Definitions. Section 2 defines terms including commercial information technology product,

Priority III: A National Cyberspace Security Awareness and Training Program Everyone who relies on part of cyberspace is encouraged to help secure the part of cyberspace that they can influence or control.

GAO November 2011 United States Government Accountability Office Report to the Chairman, Subcommittee on Immigration, Refugees, and Border Security, Committee on the Judiciary U.S. Senate CYBERSECURITY

TURNING THE RISING TIDE OF CYBERSECURITY THREATS With cyber attacks on the rise, there s a growing need for digital forensic professionals with the knowledge and skills to investigate technology crimes

Preventing and Defending Against Cyber Attacks June 2011 The Department of Homeland Security (DHS) is responsible for helping Federal Executive Branch civilian departments and agencies secure their unclassified

Purdue University Department of Computer Science West Lafayette, IN Strategic Plan 2010-2015 Final Version 5.0: May 3, 2010 Computer science is a discipline that involves the understanding and design of

Preventing and Defending Against Cyber Attacks November 2010 The Nation s first ever Quadrennial Homeland Security Review (QHSR), delivered to Congress in February 2010, identified safeguarding and securing

Cybersecurity: A Shared Responsibility and Department of Homeland Security Priority A Presentation to the National Cyberwatch Center November 20, 2015 Webinar Protocol :: Mute your phone/mic when not talking

Cybersecurity High School and Beyond High School Career Fair and Expo March 29, 2014 Diane G. Miller, CCP Director, Operations Northrop Grumman Information Security Program Director, CyberPatriot Topics

FNSBSD 2015-16 Workplace Diversity Action Plan Goal 1. Teachers and other staff who reflect the diversity of our students will work in our schools. Action School Board selects as a performance goal the

International Chamber of Commerce The world business organization ICC Cyber Security Guide for Business World Bank Seminar on Cyber Preparedness Vienna. 18 19 May 2015 Gerard Hartsink Chair ICC Task Force

Cybersecurity Cybersecurity is the measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack. Cybersecurity is the faster growing IT job, growing

Statement of William D. Green Executive Chairman of the Board, Accenture and Member, Committee on Research Universities Board on Higher Education and Workforce Policy and Global Affairs National Research

Overview of the National Science Foundation (NSF)* _ HBCU-Up LDI Costello L. Brown August 2-6, 2010 *http://www.nsf.gov/news/mmg/mmg_disp.cfm?med The National Science Foundation (NSF) The National Science

EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D.C. 20503 October 30, 2015 Executive Summary Strengthening the cybersecurity of Federal networks, systems, and data is one

Why We Did The Evaluation Executive Summary Information is one of a financial institution s (FI) most important assets. Protection of information is critical to establishing and maintaining trust between

Written Testimony of Dr. Andy Ozment Assistant Secretary for Cybersecurity and Communications U.S. Department of Homeland Security Before the U.S. House of Representatives Committee on Oversight and Government

Iowa Workforce Development Regional Partners and Managers Training Sector Strategies June 5, 2015 What is a Sector Approach? A systems approach to workforce development, typically on behalf of low income

Graduate Studies Office Strategic Plan 2014-2018 who we are the graduate StudieS Office is an academic SuPPOrt unit; it has five functional areas that SuPPOrt graduate StudieS at the university Of WaterlOO:»

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and Healthy Students Hamed Negron-Perez,

State of New Hampshire Cybersecurity Strategy and Actions Commissioner Goulet Director Plummer Commissioner Toumpas Assumptions The term statewide is meant to convey that scope is not limited to the executive

El Camino College Homeland Security Spring 2016 Courses With over 250,000 federal positions in Homeland Security and associated divisions, students may find good career opportunities in this field. Explore

Cybersecurity in the States 2012: Priorities, Issues and Trends Commission on Maryland Cyber Security and Innovation June 8, 2012 Pam Walker, Director of Government Affairs National Association of State

HR 2272 Conference Report STEM Education Provisions Summary Title I Office of Science and Technology Policy (OSTP) Directs the President to convene a National Science and Technology Summit not more than

introduction The ability of academia and public and private employers to prepare, educate, recruit, train, develop, and retain a diverse, to our nation s security and prosperity. [full text version] defining

Department of Defense DIRECTIVE NUMBER 1403.03 October 25, 2007 USD(P&R) SUBJECT: The Career Lifecycle Management of the Senior Executive Service Leaders Within the Department of Defense References: (a)

Talent Management Essential Toolkit Talent Management Essential Toolkit This presentation has been prepared to to provide the reader with an initial overview of five talent management tools that can assist